From 302af823a3509e5faa0e5cfcacdef2e480250d88 Mon Sep 17 00:00:00 2001
From: orignal <i2porignal@yandex.ru>
Date: Sat, 30 Dec 2023 15:55:53 -0500
Subject: [PATCH] fixed race condition with openssl 3.2.0

---
 libi2pd/Signature.cpp | 38 +++++++++++++++++++++++++-------------
 libi2pd/Signature.h   |  2 --
 2 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/libi2pd/Signature.cpp b/libi2pd/Signature.cpp
index 60cdbec2..342b6d03 100644
--- a/libi2pd/Signature.cpp
+++ b/libi2pd/Signature.cpp
@@ -18,12 +18,10 @@ namespace crypto
 	EDDSA25519Verifier::EDDSA25519Verifier ():
 		m_Pkey (nullptr)
 	{
-		m_MDCtx = EVP_MD_CTX_create ();
 	}
 
 	EDDSA25519Verifier::~EDDSA25519Verifier ()
 	{
-		EVP_MD_CTX_destroy (m_MDCtx);
 		EVP_PKEY_free (m_Pkey);
 	}
 
@@ -35,8 +33,17 @@ namespace crypto
 
 	bool EDDSA25519Verifier::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
 	{
-		EVP_DigestVerifyInit (m_MDCtx, NULL, NULL, NULL, m_Pkey);
-		return EVP_DigestVerify (m_MDCtx, signature, 64, buf, len);
+		if (m_Pkey)
+		{	
+			EVP_MD_CTX * ctx = EVP_MD_CTX_create ();
+			EVP_DigestVerifyInit (ctx, NULL, NULL, NULL, m_Pkey);
+			auto ret = EVP_DigestVerify (ctx, signature, 64, buf, len);
+			EVP_MD_CTX_destroy (ctx);	
+			return ret;	
+		}	
+		else
+			LogPrint (eLogError, "EdDSA verification key is not set");
+		return false;
 	}
 
 #else
@@ -101,7 +108,7 @@ namespace crypto
 
 #if OPENSSL_EDDSA
 	EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey):
-		m_MDCtx (nullptr), m_Pkey (nullptr), m_Fallback (nullptr)
+		m_Pkey (nullptr), m_Fallback (nullptr)
 	{
 		m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_ED25519, NULL, signingPrivateKey, 32);
 		uint8_t publicKey[EDDSA25519_PUBLIC_KEY_LENGTH];
@@ -111,30 +118,35 @@ namespace crypto
 		{
 			LogPrint (eLogWarning, "EdDSA public key mismatch. Fallback");
 			m_Fallback = new EDDSA25519SignerCompat (signingPrivateKey, signingPublicKey);
+			EVP_PKEY_free (m_Pkey);
+			m_Pkey = nullptr;
 		}
-		else
-			m_MDCtx = EVP_MD_CTX_create ();
 	}
 
 	EDDSA25519Signer::~EDDSA25519Signer ()
 	{
 		if (m_Fallback) delete m_Fallback;
-		EVP_MD_CTX_destroy (m_MDCtx);
-		EVP_PKEY_free (m_Pkey);
+		if (m_Pkey) EVP_PKEY_free (m_Pkey);
 	}
 
 	void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const
 	{
-		if (m_Fallback) return m_Fallback->Sign (buf, len, signature);
-		else
+		if (m_Fallback) 
+			return m_Fallback->Sign (buf, len, signature);
+		else if (m_Pkey)
 		{
+				
+			EVP_MD_CTX * ctx = EVP_MD_CTX_create ();
 			size_t l = 64;
 			uint8_t sig[64]; // temporary buffer for signature. openssl issue #7232
-			EVP_DigestSignInit (m_MDCtx, NULL, NULL, NULL, m_Pkey);
-			if (!EVP_DigestSign (m_MDCtx, sig, &l, buf, len))
+			EVP_DigestSignInit (ctx, NULL, NULL, NULL, m_Pkey);
+			if (!EVP_DigestSign (ctx, sig, &l, buf, len))
 				LogPrint (eLogError, "EdDSA signing failed");
 			memcpy (signature, sig, 64);
+			EVP_MD_CTX_destroy (ctx);
 		}
+		else
+			LogPrint (eLogError, "EdDSA signing key is not set");
 	}
 #endif
 }
diff --git a/libi2pd/Signature.h b/libi2pd/Signature.h
index 671ebfb7..8bd94357 100644
--- a/libi2pd/Signature.h
+++ b/libi2pd/Signature.h
@@ -304,7 +304,6 @@ namespace crypto
 		private:
 
 #if OPENSSL_EDDSA
-			EVP_MD_CTX * m_MDCtx;
 			EVP_PKEY * m_Pkey;
 #else
 			EDDSAPoint m_PublicKey;
@@ -342,7 +341,6 @@ namespace crypto
 
 		private:
 
-			EVP_MD_CTX * m_MDCtx;
 			EVP_PKEY * m_Pkey;
 			EDDSA25519SignerCompat * m_Fallback;
 	};